<?php session_start(); /* Start or resume the session; the handler below compares the submitted code with $_SESSION['code']. */ ?>
<?php include("inc/db_config.inc"); /* NOTE(review): presumably opens the MySQL connection that mysql_query() below relies on; confirm. */ ?>
<?php
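 /**
  * Send the "new comment" notification as a UTF-8 HTML e-mail.
  *
  * The address arguments are written into raw mail headers, so any value
  * containing CR or LF is refused: a line break there would let the sender
  * of the value append headers of their own (e-mail header injection).
  *
  * The body is sent as text/html and $cont is concatenated into it as-is,
  * so the caller must pass text that is already HTML-escaped.
  *
  * @param string $from    Address for the From: header.
  * @param string $to      Recipient address.
  * @param string $cc      Address for the Cc: header (may be empty).
  * @param string $subject Subject text; sent as a base64 encoded-word.
  * @param string $cont    Comment text, already HTML-escaped by the caller.
  * @return bool true when mail() accepted the message, false when it did not
  *              or when an address argument contained a line break.
  */
 function mailTo($from,$to,$cc,$subject,$cont){
     // Refuse header values that carry line breaks before anything is built.
     foreach (array($from, $to, $cc) as $headerValue) {
         if (preg_match('/[\r\n]/', (string)$headerValue)) {
             return false;
         }
     }

     $user = "小山";
     $date = date("Y年m月d日 H:i:s");

     $headers  = 'MIME-Version: 1.0' . "\r\n";
     $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
     $headers .= "To: $to \r\n";
     // An empty Cc: header is not meaningful, so only emit it when set.
     if ((string)$cc !== '') {
         $headers .= "Cc: $cc\r\n";
     }
     $headers .= 'From: '.$from . "\r\n";

     // Base64 encoded-word keeps the non-ASCII subject intact and cannot
     // contain a raw line break.
     $subject = "=?UTF-8?B?".base64_encode($subject)."?=";

     $content = '亲爱的'."$user".'：'.'<br />';
     $content .= '<br />';
     $content .= "您的博客秀范网有新的评论，请查看".'<br />';
     $content .= "地址: ".'<a href="http://www.ouyo.info" target="_blank">www.ouyo.info</a>'.'<br />';
     $content .= '评论内容:'.$cont.'<br />';
     $content .= '<br />';
     $content .= "邮件自动发出，请勿回复!".'<br />';
     $content .= "$date".'<br />';

     return (bool)mail($to, $subject, $content, $headers);
 }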
?> 
<?php
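// Comment submission handler: validates the submitted fields and the
// verification code, optionally e-mails the site owner, then stores the comment.
//
// NOTE(review): values are read from $_REQUEST, so GET parameters and cookies
// are accepted as well as POST fields; consider $_POST if the form always posts.

$_ref="javascript:history.back()";

// The Referer header is client-controlled. It is only used as a redirect
// target when it is an http(s) URL, and it is emitted as a JSON-encoded
// string so quotes or "</script>" inside it cannot break out of the script.
$ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$refScheme = strtolower((string)parse_url($ref, PHP_URL_SCHEME));
$redirectJs = 'history.back();';
if ($refScheme === 'http' || $refScheme === 'https') {
    $refJson = json_encode($ref, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    if ($refJson !== false) {
        $redirectJs = 'window.location=' . $refJson . ';';
    }
}

// Collect the raw fields once. Non-string values (e.g. name[]=x) are treated
// as missing. On legacy PHP with magic quotes enabled the added slashes are
// removed here so every value is escaped exactly once when the SQL is built.
$magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$fields = array();
foreach (array('name', 'email', 'content', 'yz', 'cid', 'aid') as $key) {
    if (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) {
        $fields[$key] = $magicQuotes ? stripslashes($_REQUEST[$key]) : $_REQUEST[$key];
    } else {
        $fields[$key] = null;
    }
}

if ($fields['name'] === null || $fields['name'] === '') {
    echo "请填写名字!<a href='$_ref'>返回</a>";
    return false;
}
$com_name = htmlspecialchars($fields['name']);

// The e-mail address is later used as the From: header of the notification
// mail, so it must be a syntactically valid address, not just non-empty.
if ($fields['email'] === null || $fields['email'] === ''
    || filter_var($fields['email'], FILTER_VALIDATE_EMAIL) === false) {
    echo "请填写Email!<a href='$_ref'>返回</a>";
    return false;
}
$com_email = htmlspecialchars($fields['email']);

if ($fields['content'] === null || $fields['content'] === '') {
    echo "内容不能为空!<a href='$_ref'>返回</a>";
    return false;
}
$com_content = htmlspecialchars($fields['content']);

if ($fields['yz'] === null || $fields['yz'] === '') {
    echo "验证码不能为空!<a href='$_ref'>返回</a>";
    return false;
}
// Compare as strings with === (loose != treats numeric-looking strings such
// as "0e1" and "0e2" as equal) and consume the code so one solved challenge
// cannot be replayed or brute-forced.
// NOTE(review): assumes the page that renders the verification image sets
// $_SESSION['code'] afresh on every render; confirm.
$expectedCode = isset($_SESSION['code']) ? (string)$_SESSION['code'] : '';
unset($_SESSION['code']);
if ($expectedCode === '' || $fields['yz'] !== $expectedCode) {
    echo "验证码错误!<a href='$_ref'>返回</a>";
    return false;
}

$com_cid = $fields['cid'];
$com_aid = $fields['aid'];

// The site owner is notified only when aid was submitted as an empty string.
$isMail = false;
if ($com_aid === '') {
    $isMail=mailTo($com_email,"wengqianshan5733@gmail.com","wengqianshan5733@163.com","秀范网收到新评论",$com_content);
}

$com_userip=$_SERVER["REMOTE_ADDR"];
date_default_timezone_set("Asia/Shanghai"); // Beijing time
$com_post_date=date('Y-m-d H:i:s');

// Every value is escaped for the SQL string literal it is placed in;
// htmlspecialchars() alone does not neutralise single quotes or backslashes
// for SQL, and cid/aid were previously inserted without any escaping.
// NOTE(review): mysql_real_escape_string() honours the connection charset
// only when it was set with mysql_set_charset(); check inc/db_config.inc.
// The mysql_* extension itself is removed in PHP 7; prepared statements via
// mysqli or PDO are the long-term fix once the connection code is migrated.
$sql1 = sprintf(
    "insert into comment(cid,aid,name,email,userip,post_date,cont) values('%s','%s','%s','%s','%s','%s','%s')",
    mysql_real_escape_string((string)$com_cid),
    mysql_real_escape_string((string)$com_aid),
    mysql_real_escape_string($com_name),
    mysql_real_escape_string($com_email),
    mysql_real_escape_string($com_userip),
    mysql_real_escape_string($com_post_date),
    mysql_real_escape_string($com_content)
);
$insert_comment=mysql_query($sql1);
if($insert_comment && mysql_affected_rows()>0){
    if($isMail){
      echo "<script type='text/javascript'>alert('已邮件通知站长')</script>";
    }
    echo "<script type='text/javascript'>$redirectJs</script>";
}else{
    // Keep the statement and the driver error in the server log instead of
    // echoing the SQL to the visitor.
    error_log('comment insert failed: ' . mysql_error());
    echo "发表评论失败!";
}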

?>
